Expose NGINX Ingress Controller with public or private network on Azure Kubernetes Service (AKS)

Akash Patel

3 min readJul 11, 2024

In this article we will see different ways to create Nginx Ingress Controller on Kubernetes.

Basic Nginx deployment on kubernetes (kind, minikube, etc).
Standard Kubernetes Nginx deployment on AKS.
Deploying Nginx Ingress Controller using an internal IP address on AKS.

Before we start I will assume you have already installed Helm and Kubectl if not use the following links.

Helm

1. Basic Nginx deployment on kubernetes (kind, minikube, etc).

To deploy Nginx Ingress controller follow the below steps.

Step 1. Adding helm repo for the ingress controller.

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx

Step 2. To update the helm repository data.

helm repo update

Step 3. To install the ingress controller.

helm install ingress-nginx ingress-nginx/ingress-nginx  \
--namespace ingress \
--set controller.ingressClassResource.name=nginx

We have successfully deploy Basic Nginx Ingress Controller.

When using tools like Kind, Minikube, or K3D to run Kubernetes locally, it’s important to understand that the external IP address of the Nginx Ingress Controller will not be your local system’s IP address. This is because these tools use Docker to run the Kubernetes cluster, which means the external IP will be from the Docker network interface, not your local system’s IP.

2. Standard Kubernetes Nginx deployment on AKS.

To deploy Nginx Ingress controller follow the below steps.

Step 1. Add the ingress-nginx repository.

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update

Step 2. Set variable for ACR location to use for pulling images.

ACR_LOGIN_SERVER=<REGISTRY_LOGIN_SERVER>

Step 3. Use Helm to deploy an NGINX ingress controller.

helm install ingress-nginx ingress-nginx/ingress-nginx \
    --version 4.7.1 \
    --namespace ingress-basic \
    --create-namespace \
    --set controller.replicaCount=2 \
    --set controller.nodeSelector."kubernetes\.io/os"=linux \
    --set controller.image.registry=$ACR_LOGIN_SERVER \
    --set controller.image.image=$CONTROLLER_IMAGE \
    --set controller.image.tag=$CONTROLLER_TAG \
    --set controller.image.digest="" \
    --set controller.admissionWebhooks.patch.nodeSelector."kubernetes\.io/os"=linux \
    --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-load-balancer-internal"=true \
    --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-load-balancer-health-probe-request-path"=/healthz \
    --set controller.admissionWebhooks.patch.image.registry=$ACR_LOGIN_SERVER \
    --set controller.admissionWebhooks.patch.image.image=$PATCH_IMAGE \
    --set controller.admissionWebhooks.patch.image.tag=$PATCH_TAG \
    --set controller.admissionWebhooks.patch.image.digest="" \
    --set defaultBackend.nodeSelector."kubernetes\.io/os"=linux \
    --set defaultBackend.image.registry=$ACR_LOGIN_SERVER \
    --set defaultBackend.image.image=$DEFAULTBACKEND_IMAGE \
    --set defaultBackend.image.tag=$DEFAULTBACKEND_TAG \
    --set defaultBackend.image.digest=""

This will deploy Nginx Ingress Controller and also creates Azure Application Gateway (L7 load balancer) with Public IP.

3. Deploying Nginx Ingress Controller using an internal IP address on AKS.

To deploy Nginx Ingress controller follow the below steps.

Step 1 & 2 remains the same.

Step 3. Use Helm to deploy an NGINX ingress controller.

You need add this argumement.
— set controller.service.loadBalancerIP=<internal IP address>

helm install ingress-nginx ingress-nginx/ingress-nginx \
    --version 4.7.1 \
    --namespace ingress-basic \
    --create-namespace \
    --set controller.replicaCount=2 \
    --set controller.nodeSelector."kubernetes\.io/os"=linux \
    --set controller.image.registry=$ACR_LOGIN_SERVER \
    --set controller.image.image=$CONTROLLER_IMAGE \
    --set controller.image.tag=$CONTROLLER_TAG \
    --set controller.image.digest="" \
    --set controller.admissionWebhooks.patch.nodeSelector."kubernetes\.io/os"=linux \
    --set controller.service.loadBalancerIP=<internal IP address> \
    --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-load-balancer-internal"=true \
    --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-load-balancer-health-probe-request-path"=/healthz \
    --set controller.admissionWebhooks.patch.image.registry=$ACR_LOGIN_SERVER \
    --set controller.admissionWebhooks.patch.image.image=$PATCH_IMAGE \
    --set controller.admissionWebhooks.patch.image.tag=$PATCH_TAG \
    --set controller.admissionWebhooks.patch.image.digest="" \
    --set defaultBackend.nodeSelector."kubernetes\.io/os"=linux \
    --set defaultBackend.image.registry=$ACR_LOGIN_SERVER \
    --set defaultBackend.image.image=$DEFAULTBACKEND_IMAGE \
    --set defaultBackend.image.tag=$DEFAULTBACKEND_TAG \
    --set defaultBackend.image.digest=""

Some key points to note here is to keep in mind are mention below.

You have to use IP address from the IP from the subnet of AKS cluster.
If you ever delete Nginx Ingress Controller you will have to use another IP address as this one might get assign to any other service running inside Kubernetes.

Expose NGINX Ingress Controller with public or private network on Azure Kubernetes Service (AKS)

1. Basic Nginx deployment on kubernetes (kind, minikube, etc).

2. Standard Kubernetes Nginx deployment on AKS.

3. Deploying Nginx Ingress Controller using an internal IP address on AKS.

Written by Akash Patel

No responses yet